Integration
Samples
Complete, ready-to-use configurations and code samples for common GuardRails scenarios. Copy, adapt, and deploy.
Sample 1 — Healthcare AI Node (HIPAA)
An AI inference node that must never emit PHI in its output. Combines timeout protection, PII detection on input (delayed enforcement — the AI needs context), and PII redaction on output.
{
"guardRails": {
"individual": [
{
"name": "TimeoutGuard",
"enabled": true,
"order": 1,
"config": {
"TimeoutMs": 8000,
"WarnAtMs": 6000
}
},
{
"name": "PiiDetectionGuard",
"enabled": true,
"order": 2,
"enableDelayedEnforcement": true,
"config": {
"sensitivityLevel": "high",
"piiTypes": ["SSN", "CreditCard", "Phone", "BankAccount"]
}
},
{
"name": "PiiRedactionGuard",
"enabled": true,
"order": 3,
"config": {
"redaction_method": "mask",
"fields": []
}
}
]
}
}What happens:
- TimeoutGuard warns at 6 s, blocks at 8 s. AI inference that hangs is killed before it blocks the queue.
- PiiDetectionGuard logs PHI in the input but does not block — the AI needs patient context to answer.
- PiiRedactionGuard scrubs the AI's response before it reaches the caller or audit log.
Sample 2 — Payment Processing Node (PCI-DSS)
A payment node. Credit card numbers must never reach it. Strict mode blocks malformed payloads before the payment API call is made.
{
"guardRails": {
"individual": [
{
"name": "InputValidationGuard",
"enabled": true,
"order": 1,
"config": {
"schema": {
"type": "object",
"required": ["userId", "amount", "currency", "paymentMethodToken"],
"properties": {
"userId": { "type": "string" },
"amount": { "type": "number", "minimum": 0 },
"currency": { "type": "string", "minLength": 3, "maxLength": 3 },
"paymentMethodToken": { "type": "string" }
},
"additionalProperties": false
},
"strictMode": true
}
},
{
"name": "PiiDetectionGuard",
"enabled": true,
"order": 2,
"config": {
"sensitivityLevel": "high",
"piiTypes": ["CreditCard", "CVV", "BankAccount"]
}
},
{
"name": "RateLimitingGuard",
"enabled": true,
"order": 3,
"config": {
"scope": "user",
"maxRequests": 10,
"windowSeconds": 60
}
}
]
}
}What happens:
- InputValidationGuard rejects malformed payloads (null userId, string amount) with a structured error before any API call.
- PiiDetectionGuard blocks raw credit card numbers — only tokenized values should be in
paymentMethodToken. - RateLimitingGuard prevents a single user from flooding the payment endpoint.
Sample 3 — External API Caller with Circuit Breaking
A node that calls a third-party API. Circuit breaker protects the downstream service during outages. Rate limiting prevents hammering.
{
"guardRails": {
"individual": [
{
"name": "TimeoutGuard",
"enabled": true,
"order": 1,
"config": { "TimeoutMs": 5000, "WarnAtMs": 3000 }
},
{
"name": "CircuitBreakerGuard",
"enabled": true,
"order": 2,
"config": {
"failureThreshold": 5,
"openDurationSeconds": 60,
"halfOpenMaxCalls": 2
}
},
{
"name": "RateLimitingGuard",
"enabled": true,
"order": 3,
"config": {
"scope": "tenant",
"maxRequests": 100,
"windowSeconds": 60
}
}
]
}
}What happens:
- TimeoutGuard prevents hung API calls from blocking threads.
- CircuitBreakerGuard opens after 5 failures, preventing cascading load on the downstream API.
- RateLimitingGuard caps total tenant throughput to 100 req/min across all users in the tenant.
Sample 4 — Compliance Audit Node (GDPR)
A node that processes user-submitted text. Any PII must be detected and logged; the workflow should continue for compliance logging but the violation is recorded.
{
"guardRails": {
"individual": [
{
"name": "PiiDetectionGuard",
"enabled": true,
"order": 1,
"enableDelayedEnforcement": true,
"config": {
"sensitivityLevel": "medium",
"piiTypes": ["Email", "Phone", "SSN", "Passport", "DriverLicense"]
}
}
]
}
}
Delayed enforcement for monitoring rollouts
enableDelayedEnforcement: true logs violations to the audit trail without blocking execution. Use this when rolling out PII detection on existing workflows to assess false positive rates before switching to strict blocking.
Sample 5 — Guard Groups (Reusable Bundles)
Define groups once, reuse across many nodes. Register at startup, reference by name in node configs.
Group registration (startup)
var registry = serviceProvider.GetRequiredService<IGuardRegistry>();
registry.RegisterGroup("PiiCompliance", new GuardGroupDefinition
{
Guards = new[]
{
new GuardEntry { Name = "PiiDetectionGuard", Order = 1,
Config = new { sensitivityLevel = "high" } },
new GuardEntry { Name = "PiiRedactionGuard", Order = 2,
Config = new { redaction_method = "partial" } }
}
});
registry.RegisterGroup("ApiResilience", new GuardGroupDefinition
{
Guards = new[]
{
new GuardEntry { Name = "TimeoutGuard", Order = 1, Config = new { TimeoutMs = 5000 } },
new GuardEntry { Name = "CircuitBreakerGuard", Order = 2 },
new GuardEntry { Name = "RateLimitingGuard", Order = 3,
Config = new { scope = "tenant", maxRequests = 100, windowSeconds = 60 } }
}
});Node configuration using groups
{
"guardRails": {
"groups": ["PiiCompliance", "ApiResilience"]
}
}Mandatory groups (always run regardless of node config)
{
"guardRails": {
"mandatoryGroups": ["PiiCompliance"],
"groups": ["ApiResilience"],
"individual": [
{
"name": "InputValidationGuard",
"enabled": true,
"config": { "schema": {...}, "strictMode": true }
}
]
}
}Sample 6 — GuardRailCheckResult Patterns
Guard return values that the pipeline uses to make allow/block decisions:
// Success — guard passed, output not modified
return GuardRailCheckResult.Success();
// Success with output modification (Post phase, e.g., PiiRedactionGuard)
return GuardRailCheckResult.Success(outputModified: true,
metadata: new Dictionary<string, object?> { ["redacted_count"] = 3 });
// Blocked — halt execution, return error to caller
return GuardRailCheckResult.Blocked(
"PII detected: Email, SSN",
metadata: new Dictionary<string, object?>
{
["pii_types"] = new[] { "Email", "SSN" },
["match_count"] = 2
});
// Blocked with retry guidance (RateLimitingGuard)
return GuardRailCheckResult.Blocked(
"Rate limit exceeded",
retryAfter: TimeSpan.FromSeconds(30),
metadata: new Dictionary<string, object?>
{
["limit"] = 100,
["window_s"] = 60,
["tenant_id"] = tenantId
});
// Warning — log violation but do not block (delayed enforcement)
return GuardRailCheckResult.Warning("PII detected in input", metadata: ...);Sample 7 — Full Execution Result
The GuardRailsExecutionResult returned to BaseNodeExecutor after each phase:
{
"IsAllowed": false,
"IsBlocked": true,
"TotalDurationMs": 19,
"OutputModified": false,
"ExecutedGuards": [
"TimeoutGuard",
"RateLimitingGuard",
"PiiDetectionGuard"
],
"Violations": [
{
"GuardName": "PiiDetectionGuard",
"Phase": 0,
"Reason": "PII detected: SSN, Email",
"TenantId": 42,
"OperationId": "op-abc-123"
}
],
"Timeline": [
{ "Guard": "TimeoutGuard", "Phase": "Pre", "DurationMs": 2, "Passed": true },
{ "Guard": "RateLimitingGuard", "Phase": "Pre", "DurationMs": 5, "Passed": true },
{ "Guard": "PiiDetectionGuard", "Phase": "Pre", "DurationMs": 12, "Passed": false,
"Reason": "PII detected: SSN, Email" }
]
}Sample 8 — Minimal Custom Guard
The smallest possible working guard — a business-hours check that blocks requests outside 08:00–18:00 UTC:
public class BusinessHoursGuard : IGuardRail
{
public string Name => "BusinessHoursGuard";
public string Version => "1.0.0";
public IReadOnlyList<GuardRailPhase> SupportedPhases => new[] { GuardRailPhase.Pre };
public bool IsSecurityCritical => false;
public Task<GuardRailCheckResult> ExecuteAsync(
GuardRailExecutionContext context,
GuardRailPhase phase,
CancellationToken cancellationToken = default)
{
var hour = DateTime.UtcNow.Hour;
if (hour < 8 || hour >= 18)
{
return Task.FromResult(GuardRailCheckResult.Blocked(
$"Requests not accepted outside business hours (current UTC hour: {hour})"));
}
return Task.FromResult(GuardRailCheckResult.Success());
}
public void SetConfiguration(IDictionary<string, object?> configuration) { }
public bool Validate(IDictionary<string, object?> cfg) => true;
public GuardRailConfigValidationResult ValidateWithDetails(IDictionary<string, object?> cfg)
=> GuardRailConfigValidationResult.Valid();
public string GuardName => Name;
public string Description => "Blocks requests outside 08:00–18:00 UTC.";
public string ConfigurationSchema => "{}";
public IReadOnlyList<GuardRailDependency> Dependencies => Array.Empty<GuardRailDependency>();
}Register and use
// Startup
builder.Services.AddSingleton<IGuardRail, BusinessHoursGuard>();
// Node config
{
"guardRails": {
"individual": [
{ "name": "BusinessHoursGuard", "enabled": true }
]
}
}Sample 9 — All Six Guards Together
A maximum-coverage configuration combining all built-in guards. Adapt thresholds for your specific node type.
{
"guardRails": {
"individual": [
{
"name": "TimeoutGuard",
"enabled": true,
"order": 1,
"isSecurityCritical": false,
"config": { "TimeoutMs": 10000, "WarnAtMs": 7000 }
},
{
"name": "InputValidationGuard",
"enabled": true,
"order": 2,
"isSecurityCritical": true,
"config": {
"schema": {
"type": "object",
"required": ["userId", "payload"],
"properties": {
"userId": { "type": "string" },
"payload": { "type": "object" }
}
},
"strictMode": true
}
},
{
"name": "PiiDetectionGuard",
"enabled": true,
"order": 3,
"isSecurityCritical": true,
"config": {
"sensitivityLevel": "high",
"piiTypes": ["SSN", "CreditCard", "Email", "Phone", "BankAccount", "CVV"]
}
},
{
"name": "RateLimitingGuard",
"enabled": true,
"order": 4,
"isSecurityCritical": false,
"config": {
"scope": "tenant",
"maxRequests": 200,
"windowSeconds": 60
}
},
{
"name": "CircuitBreakerGuard",
"enabled": true,
"order": 5,
"isSecurityCritical": false,
"config": {
"failureThreshold": 5,
"openDurationSeconds": 60,
"halfOpenMaxCalls": 3
}
},
{
"name": "PiiRedactionGuard",
"enabled": true,
"order": 6,
"isSecurityCritical": true,
"config": {
"redaction_method": "partial",
"fields": []
}
}
]
}
}
Order matters for Pre-phase guards
Guards run in ascending
order within each phase. Put structural guards first (timeout, validation) so they reject bad inputs before heavier guards (PII detection, circuit breaker) process them.